ccache: updated to 4.13.6
Ccache 4.13.6
Bug fixes and improvements
Fixed a potential manifest/result cache key collision in MSVC depend mode when compiling a source file with no included files.
Improved robustness when parsing cache entry data structures.
Test improvements
Changed the remote_helper test suite to skip gracefully when the storage test helper is unavailable, avoiding failures when testing a system-installed ccache.
audio/fasttracker2: Update to 2.19
Changes since 2.18:
v2.19 - 03.05.2026
* Set audio input/output device to default during config reset
* If audio input device was set to default, properly open default
audio input device before sampling audio.
In pmap_bootstrap1(), check to see if FIXEDVA entries in machine_bootmap[]
are covered by any existing page table range, and if not, allocate additional
page table ranges to cover them.
This does not impact the one current user of FIXEDVA -- hp300 -- which
uses it to map the last page of RAM VA==PA. In the hp300 case, this
was already covered by the PTs that map the alternate SYSMAP_VA that
the hp300 uses (precisely because it needs the last VA==PA mapping).
This will eventually be used to map the I/O region VA==PA for mac68k.
Normally, we might otherwies use a TT register for that, but mac68k
runs on 68020s, so we cannot.
www/apache24: update to 2.4.67
Changes with Apache 2.4.67 (2026-05-04)
* SECURITY: CVE-2026-34059: Apache HTTP Server: mod_proxy_ajp: Heap
Over-Read and memory disclosure in ajp_parse_data() (cve.mitre.org)
Buffer Over-read vulnerability in Apache HTTP Server. This issue affects
Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to
version 2.4.67, which fixes the issue. Credits: Elhanan Haenel
* SECURITY: CVE-2026-34032: Apache HTTP Server: mod_proxy_ajp: Heap Buffer
Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)
(cve.mitre.org) Improper Null Termination, Out-of-bounds Read
vulnerability in Apache HTTP Server. This issue affects Apache HTTP
Server: through 2.4.66. Users are recommended to upgrade to version
2.4.67, which fixes the issue. Credits: Tianshuo Han
(<hantianshuo233 at gmail.com>)
* SECURITY: CVE-2026-33857: Apache HTTP Server: Off-by-one OOB reads in AJP
[102 lines not shown]
mail/postfix: update to 3.11.2
Postfix 3.11.2 (2026-05-03)
Fixed in Postfix 3.11:
* Bugfix (defect introduced: Postfix 3.11): the proxymap(8) daemon
dereferenced an uninitialized pointer after a request protocol
error. This daemon is not exposed to local or remote users.
Found by Claude Opus 4.6.
* Bugfix (defect introduced: 20260309) a change, to set the
service_name default value to "amnesiac", violated a test that
parameter names in postconf output must match 1:1 with parameter
names in the postlink script.
Fixed in Postfix 3.8, 3.9, 3.10. 3.11:
* Portability: support for recent FreeBSD, NetBSD, and OpenBSD
[25 lines not shown]
geography/pdal-lib: Update to 2.10.1
Upstream does not publish NEWS. Their release notes contain the
following particularly NEWS-worthy items, plus many bug fixes and
minor improvements.
* 2.10.0
* readers.spz and writers.spz are now plugins by @ibell13 in #4755
* 2.9.0
* support for GDAL VSI
* support for FileSpec
* remove nlohmann public API (from PDAL API)
* Multi-thread support, where query, and new options for pdal tindex
Two issues:
- Always include vmparams.h via <machine/vmparams.h>, because redirection
logic elsewhere relies on this.
- But akshually, isn't not even needed here because the code that would
use it is #if 0'd out anyway.
So, collect the garbage and ramble on.
mlterm: pull upstream fix for XIM key input issue
Fix lost key input after keyboard focus changes with recent libX11 XIM.
See upstream issue in patches for details.
Bump PKGREVISION.
bookokrat: update to 0.3.10
For changes: https://github.com/bugzmanov/bookokrat/releases/tag/v0.3.10
Highlights
Customizable keybindings - every shortcut is now overridable via a TOML
config, with neovim-compatible notation and live reload.
SyncTeX (LaTeX # PDF) - bidirectional jump between source and PDF,
including multi-file projects.
Redesigned Settings window - new tabbed UI with keyboard/mouse navigation
and a scrollbar for overflow content.
Richer CLI - clap-based parser, print subcommand, and
--directory/--chapter/--page flags.
Config migration to XDG paths - settings, bookmarks, comments, and image
cache now live in standard system directories.
Pull up following revision(s) (requested by martin in ticket #275):
share/mk/bsd.own.mk: 1.1481 via patch
PR 58762: disable MKCOMPAT for earm*.
If someone is interested in re-adding support for oabi compat library
builds, they can figure out the missing bits. But for now, stop producing
bogus compat32/debug32 sets on all evbarm builds.
Pull up following revision(s) (requested by martin in ticket #274):
usr.bin/cksum/cksum.c: 1.53
PR 60154: do not print arbitrary control characters when printing
file names while checking hashes with the -c option.
Remove the upper bound on nkmempages for virt68k, else the kmem arena
gets easily starved on VMs with large memory configs (which is sort of
the whole point of virt68k).
ffmpeg8 ffplay8: updated to 8.1.1
8.1.1:
avcodec/aac/aacdec_usac_mps212: fix attach_lsb() OOB after huff_decode
avcodec/dfpwmdec: Check nb_samples
avcodec/alsdec: do not set nbits invalidly
swscale/swscale_unscaled: adjust last line copy
swscale/swscale: Check srcSliceY and srcSliceH
avformat/avidec: check LIST size in avi_load_index()
avformat/avidec: validate INFO list size before parsing
avformat/matroskadec: Check audio.sub_packet_h * audio.frame_size
libavformat/xwma: fix overflow in seek position
avformat/pcm: Use 64bit for byte_rate
avcodec/adpcm: signed integer overflow in ADPCM_N64
avcodec/hevc/ps: validate rep_format dimensions in multi-layer SPS
avfilter/vf_kerndeint: Check for minimum height
avcodec/ralf: Add the missing return statement after the error log
avfilter/vf_codecview: Clamp block to the visible frame region
avcodec/zmbv: reject XOR data that overruns the decompression buffer
[66 lines not shown]
